5 files changed, 42 insertions, 100 deletions
diff --git a/templates/nsd.conf b/templates/nsd.conf
deleted file mode 100644
index 246e308..0000000
--- a/templates/nsd.conf
+++ /dev/null
@@ -1,26 +0,0 @@
-# Managed by Ansible
-server:
-	server-count: 1 # use this number of cpu cores
-	database: "/var/db/nsd/nsd.db"
-	zonelistfile: "/var/db/nsd/zone.list"
-	username: nsd
-	logfile: "/var/log/nsd.log"
-	pidfile: "/var/run/nsd.pid"
-	xfrdfile: "/var/db/nsd/xfrd.state"
-
-{% if nsd_keys is defined %}
-{% for key in nsd_keys %}
-key:
-	name: {{key.name}}
-	algorithm: {{key.algorithm}}
-	secret: "{{key.secret}}"
-{% endfor %}
-{% endif %}
-
-
-{% for zone in nsd_zones %}
-zone:
-	name: {{zone}}
-	zonefile: /etc/nsd/%s.zone
-
-{% endfor %}
diff --git a/templates/nsd/nsd.conf b/templates/nsd/nsd.conf
new file mode 100644
index 0000000..43f2f12
--- /dev/null
+++ b/templates/nsd/nsd.conf
@@ -0,0 +1,35 @@
+server:
+	#server-count: 1 # use this number of cpu cores
+	{% if nsd_bindaddr is defined %}ip-address: {{nsd_bindaddr}}
+	{% elif is_deb %}
+
+	# Workaround for systemd-resolved nonsense on Ubuntu servers
+	ip-address: {{ansible_facts['all_ipv4_addresses'][0]}}
+	{% endif %}
+
+	hide-version: yes
+	verbosity: 1
+	database: "" # disable database
+	
+	remote-control:
+		control-enable: yes
+		control-interface: /var/run/nsd.sock
+
+{% if nsd_keys is defined %}
+{% for key in nsd_keys %}
+key:
+	name: {{key.name}}
+	algorithm: {{key.algorithm}}
+	secret: "{{key.secret}}"
+{% endfor %}
+{% endif %}
+
+
+{% for zone in nsd_zones %}
+zone:
+	name: {{zone}}
+	{% if is_openbsd %}zonefile: master/%s.zone
+	{% else %}zonefile: {{zone_dir}}/%s.zone
+{% endif %}
+
+{% endfor %}
diff --git a/templates/nsd/run.j2 b/templates/nsd/run.j2
new file mode 100644
index 0000000..02f4587
--- /dev/null
+++ b/templates/nsd/run.j2
@@ -0,0 +1,7 @@
+#!/bin/sh
+set -e
+if ! [ -d /var/log/nsd ]; then
+	mkdir /var/log/nsd
+fi
+nsd -d 2>&1 | svlogd -tt /var/log/nsd
+
diff --git a/templates/openbsd_nsd.conf b/templates/openbsd_nsd.conf
deleted file mode 100644
index 70e3541..0000000
--- a/templates/openbsd_nsd.conf
+++ /dev/null
@@ -1,70 +0,0 @@
-# Manged by Ansible
-
-server:
-        hide-version: yes
-        verbosity: 1
-        database: "" # disable database
-
-## bind to a specific address/port
-#       ip-address: 192.0.2.53
-#       ip-address: 192.0.2.53@5678
-#       ip-address: 2001:db8::53
-
-## make packets as small as possible, on by default
-#       minimal-responses: yes
-
-## respond with truncation for ANY queries over UDP and allow ANY over TCP,
-## on by default
-#       refuse-any: yes
-
-remote-control:
-        control-enable: yes
-        control-interface: /var/run/nsd.sock
-
-## tsig key example
-#key:
-#       name: "tsig1.example.com."
-#       algorithm: hmac-sha256
-#       secret: "bWVrbWl0YXNkaWdvYXQ="
-
-## master zone example
-#zone:
-#       name: "example.com"
-#       zonefile: "master/example.com"
-#       notify: 192.0.2.1 NOKEY
-#       provide-xfr: 192.0.2.1 NOKEY
-
-## slave zone example
-#zone:
-#       name: "example.net"
-#       zonefile: "slave/example.net"
-#       allow-notify: 192.0.2.2 tsig1.example.com.
-#       request-xfr: 192.0.2.2 tsig1.example.com.
-
-## dynamically configured zones, used with "nsd-control addzone/delzone".
-## filenames are constructed using the pattern: %s - zone name.
-## %1 - first character of zone name, %2 second, ## %3 third.
-## %z - topleveldomain label of zone, %y, %x next labels in name.
-#pattern:
-#       name: "master"
-#       zonefile: "master/%s.zone"
-#       notify: 192.0.2.1 NOKEY
-#       provide-xfr: 192.0.2.1 NOKEY
-
-
-{% if nsd_keys is defined %}
-{% for key in nsd_keys %}
-key:
-	name: {{key.name}}
-	algorithm: {{key.algorithm}}
-	secret: "{{key.secret}}"
-{% endfor %}
-{% endif %}
-
-
-{% for zone in nsd_zones %}
-zone:
-	name: {{zone}}
-	zonefile: master/%s.zone
-
-{% endfor %}
diff --git a/templates/run.j2 b/templates/run.j2
deleted file mode 100644
index 7173f62..0000000
--- a/templates/run.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-# install -d -m 0755 -o nsd -g nsd /run/nsd
-exec nsd -d 2>/dev/null
-